Follow on Google News News By Tag Industry News News By Place Country(s) Industry News
Follow on Google News | Indicative List of Policies to be framed for ISO 27001:2013By: CUNIX a) Business Strategy, b) contracts, regulations and legislations and c) security threat environment are the source of requirements which "information security policies" should address. What should "Information Security Policy" cover? a) Definition of Information security, objectives and principles to direct all activities related to information security b) Assignment of responsibilities of Information Security management to defined roles c) Processes of handling non-conformities and exceptions Indicative List of policies: 1) Information Security 2) Access control 3) Information classification and handling 4) Physical and environmental security 5) Acceptable use of assets 6) Clear Desk and clear screen 7) Information Transfer 8) Mobile device and teleworking 9) Restriction on software installations and use 10) Back-up 11) Protection from malware 12) Management of technical vulnerabilities 13) Cryptographic controls 14) Communication security 15) Privacy and protection of personally identifiable information 16) Supplier relationships These policies should be communicated to relevant internal and stakeholders in the context of awareness of information security. for more info visit to- http://www.cunixinfotech.com Media Contact shashi@cunixinfotech.com End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|